You are viewing a plain text version of this content. The canonical link for it is here.

Posted to modperl@perl.apache.org by Clinton Gormley <cl...@drtech.co.uk> on 2002/11/16 12:24:13 UTC

New module : Apache::Session::Manager

I've written a new module as a wrapper around Apache::Session which
provides short term (ie session) tracking (which is something that
Apache::SessionManager and Apache::SessionX provide), but this adds long
term user tracking, and methods to aid login, logout etc.

It is meant to be subclassed, so that you can add your own database
access methods to the module - full examples included!

I would appreciate feedback, not least of all, what it should be
called!  Apache::SessionManager exists already, and I realise that
calling this module Apache::Session::Manager will cause confusion, so
please...

README is below.  The module is available from :

http://cpan.perl.org/modules/by-authors/id/D/DR/DRTECH/Apache-Session-Manager-0.02.tar.gz


thanks

Clinton


Apache/Session/Manager version 0.02
===================================

Apache::Session::Manager provides a wrapper around Apache::Session which
adds the following :

  * Short term session tracking using cookies or URLs (query string / 
    POST data rather than URL munging)
  * Long term user tracking with cookies and query string
  * User recognition through query string (eg from an emailed link)
  * Login, logout, create new account, remove cookies - all operating
    with your favourite database and schema!

It needs to be subclassed by your own module, which provides the methods
to interact with your database - ie you can integrate this module into
you own database schema.

Apache::Session::Manager is not a "drop in" module - it requires a bit
of work on your part to make it work - but once that work is done, it
makes a lot of user and session management easy.  Any website that wants
to have any sort of long term relationship with a user needs to be able
to track a user through a session, allow the user to register, and issue
them with a password challenge before allowing them to view restricted
pages... which is exactly what this module does.

All you need to provide is 6 subroutines which speak to your database to
perform a few simple functions (looking up a username etc).

Re: New module : Apache::Session::Manager

Posted by Clinton Gormley <cl...@drtech.co.uk>.

Hi Enrico

After posting, I looked at Apache::AuthCookie for the first time - don't
why I hadn't looked at it before - to find that I was, indeed,
duplicating a lot of work that has been done before. Didn't I feel
foolish!

It looks like Perrin may have to write a "...why not to write your own
session manager article..." to compliment his Templating article.

Apologies for this.

I'll haul my sorry ass back to my machine now.

Clint

Re: New module : Apache::Session::Manager

Posted by Enrico Sorcinelli <e....@pisa.iol.it>.

On 16 Nov 2002 13:24:13 +0200
Clinton Gormley <cl...@drtech.co.uk> wrote:

> I've written a new module as a wrapper around Apache::Session which
> provides short term (ie session) tracking (which is something that
> Apache::SessionManager and Apache::SessionX provide), but this adds long
> term user tracking, and methods to aid login, logout etc.
> 
> 
> I would appreciate feedback, not least of all, what it should be
> called!  Apache::SessionManager exists already, and I realise that
> calling this module Apache::Session::Manager will cause confusion, so
> please...

Dear Clinton,
I think that the name you've chosen (Apache::Session::Manager) is wrong :-(
not because it will cause confusion with my Apache::SessionManager module,
but because Apache::Session::* namespace is informally reserved to
Apache::Session sub components like data storage, serializers or ID 
generators. Your (and my, of course) session manager module 
hasn't any relationships with these.
This name adds only a little bit of confusion on wrong (historically)
Apache::Session namespace - there is a direct tie between Apache::Session
and mod_perl? ;-)

When I started with my little project I've first searched on CPAN and the 
most similar module I founded was the AxKit-XSP-Session. Unfortunately this 
is a session manager plugin for AxKit and my goal was to develope a module 
with no glue with other applications server that the mod_perl itself.
Then I've chosen Apache::SessionManager (I've discarded 
Apache::Session::Manager name, of course) but before putting the first line of 
code on CPAN, I have sended various RFCs to mod_perl and module-authors@perl.org 
mailing lists, to comp.lang.perl.misc and comp.lang.perl.modules: this is 
the standard way to contribute to CPAN.
See ml/news archives for the complete threads [...]

I have done a (very) quick look to your code and I've seen some likeness with 
Apache::AuthCookie and/or Apache-AxKit-Plugin-Session. 
If you were doing something like this, you could probably start with one of the 
Auth* modules, which already do a good job of handling things.
I am also working to add this features not to my module but adding 
session management in Apache::AuthCookie!
Moreover, I agree about a possibility of the integration with your additional 
features into my Apache::SessionManager.

Regards

  	- Enrico